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Amendments to the Claims 

This listing of claims will replace all prior versions, and 
listings, of claims in the application: 

Listing of Claims; 

1 . (original) A system comprising a trusted computing platform, one or more logically protected 
computing environments and a filesystem comprising a plurality of files and links defining access 
paths between said files, the system being arranged to load onto said trusted computing platform 
a predetermined security policy including a plurality of security rules in respect of one or more 
of said logically protected computing environments and/or said files, the system being further 
arranged to determine that first and second security rules apply to a specified file or set of files, 
determine the complete set of files (or fileset) to which each of said first and second security 
rules applies, determine if the fileset of said first security rule is a complete subset of the fileset 
of said second security rule, and if so, apply said first security rule to said specified file or set of 
files, and otherwise, select one of said first and second security rules on the basis of another 
attribute thereof, and apply the selected security rule to said specified file or set of files. 

2. (original) A system according to claim 1, wherein said security rules comprise or include a 
plurality of file rules defining discretionary access controls in respect of one or more of said 
logically protected computing environments and/or files. 

3. (currently amended) A system according to claim 1 or claim 2 claim 1 , wherein said security 
rules comprise or include a plurality of execution control rules defining a modifying security 
attributes in respect of one or more of said logically protected computing environments and/or 
files. 
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4. (original) A system according to claim 2, wherein in said first and second security rules are 
file rules, and the fileset to which said first security rule applies is not a complete subset of the 
fileset to which the second security rules applies, the system is arranged to determine which of 
the first and second security rules is the most restrictive, and apply that rule to said specified file 
or set of files. 

5. (original) A system according to claim 3, wherein if said first and second security rules are 
execution control rules and the fileset to which said first security rule applies is not a complete 
subset of the fileset to which said second security rule applies, the system is arranged to select 
and apply the rule which was most recently added to the security policy. 

6. (original) A system according to claim 5, arranged to provide a warning or error message 
indicating to a user that a rule conflict exists. 

7. (currently amended) A system according to any one of the preceding claims claim L 
including means for identifying the creation of a rule conflict when a link between files or sets of 
files is created and providing an error message or warning accordingly. 

8. (original) A system according to claim 7, arranged to remove the offending link to remove the 
conflict. 

9. (canceled) 

10. (original) A method of applying a predetermined security policy to a system having trusted 
computing platform, one or more logically protected computing environments and a filesystem 
comprising a plurality of files and links defining access paths between said files, said security 
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computing environments and/or said files, the method comprising the steps of determining that 
first and second security rules apply to a specified file or set of files, determining the complete 
set of files (or fileset) to which each of said first and second security rules applies, determining if 
the fileset of said first security rule is a complete subset of the fileset of said second security rule, 
and if so, applying said first security rule to said specified file or set of files, and otherwise, 
selecting one of said first and second security rules on the basis of another attribute thereof, and 
applying the selected security rule to said specified file or set of files. 

1 1 . (original) A method according to claim 1 0 wherein the security rules define access controls 
and/or modify security attributes. 



12. (canceled) 



